CVE-2024-40767

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions OpenStack Nova versions prior to 29.1.1

Description A medium severity issue affects OpenStack Nova, where crafted image paths can expose sensitive data, potentially leading to data theft risk.

Recommendations For OpenStack Nova versions prior to 29.1.1, update to version 29.1.1 or later to resolve the issue.

Exploit

Fix

Files Accessible to External Parties

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-436CWE-552

Related Identifiers

CVE-2024-40767

DLA-3873-1

GHSA-RM86-H44C-2R2M

RHSA-2024:5083

RHSA-2024:5097

RHSA-2024:5113

USN-6911-1

Affected Products

Linuxmint

Openstack Nova

Ubuntu

CVE-2024-40767

Weakness Enumeration

Related Identifiers

Affected Products

References · 22